Posted
by
timothy
on Saturday February 19, 2011 @08:03AM
from the small-victories-are-still-good dept.

intellitech writes "This will make a lot of you feel better. Groklaw is reporting that both parties have come up with a stipulation in Sony Computer Entertainment American v. Hotz regarding what Hotz must do about handing over his computers. The new Preliminary Injunction (PDF) now says that he is to turn his materials over to a 'neutral' third party, not to SCEA's lawyers, and after the neutral party combs through them, it all is returned to Hotz. All but whatever they 'segregate' out of them. He won't get that back until the end of the litigation, should he prevail, which this court at least currently thinks is less likely than that Sony will. There will be a hearing on Hotz's motion to dismiss on April 8, 2011."

And that's why the next step must be: blow up Sony's offices, kill Sony's personnel. Especially execs and technicians, who are hard to replace. One bomb per day would be nice. Can a huge corporation survive boycotts? Yes, they have so many diversified activities you can't boycott them all. Can it survive legal battles? Yes, it has more money than any of its enemies. Can it survive massive, unrestrained violence? No, a corporation after all is made of people, and they can be killed like anyone else.

Who has heard about this and can still meaningfully declare to stop buying from Sony? Nobody, that's who. Everybody "in the know" already boycotts Sony, so Sony doesn't have to give a rat's ass about anything anymore: Their customers don't care.

My family doesn't buy sony, because as the family techie, I tell them it's not worth trying to deal with them and I get them a system that has the capabilities they want and doesn't depend on brand.

That has been my position since (as I understand it) they sued Lik Sang out of existence. Lik Sang existed to make money by making geeks happy. I do not give money to people who seem to be actively engaged in stopping me from being happy.

...it didn't provide access to all the superjuicy bits - even if they weren't exactly needed for homebrew..

What, like actual hardware accelerated graphics? IIRC, it just provided a framebuffer. Try uninstalling your video drivers and then playing any game.

you really ought to just get a dev license and start making some serious money.

Not everyone's in it for the money, and then you're subject to Sony's rules about what is and isn't allowed on the console. Do you think they'd ever allow something like XBMC?

before long, SONY realized their hacking was getting awfully close to not just unlocking some additional functionality, but also to unlocking piracy.

Interestingly, if you look at the timeline, piracy was about the first thing to fall. It was never the motive, otherwise you'd think these guys would stop.

So they removed OtherOS.

And thus, the first serious effort to hack the PS3. Before they removed OtherOS, it was this invincible platform, people were much more focused at hacking other systems since the PS3 already let them do something, at least.

Keep in mind, the people who made the first attempt are not the same people who ran projects like this. [umassd.edu]

You also say this casually, as if it's an OK thing for Sony to do, as if it's theirs to remove anymore. If I'd bought a PS3, I'd expect OtherOS to be a feature I bought it with. No matter that Sony had a pissing contest with some hackers, what they're doing here is trying to take back a feature I fucking bought. It's not terribly different from breaking into my car and stealing the stereo back because they've heard some people do evil things with stereos.

...I can do that on a generic PC, laptop, tablet.. you know.. the -real- hacker-friendly hardware.. why bother hacking the PS3 at all if NOT for the piracy?

For the things you can't do [umassd.edu] on a PC, laptop, tablet, etc. Never mind that, again, it was sold open. How would you feel if Dell took back your ability to run other OSes on your laptop, and locked you to Windows ME?

See if another console developer ever tries to be hackerfriendly again.

I would hope that other developer would take a look at the timeline. The PS3 certainly wasn't harder to hack than any other console. It's now been ripped open harder and deeper than any other console -- Sony is suing because that's what they know how to do, because they know very well that they can't put the cat back in the bag, that they can't just release a patch and call it done. And of course, as a nasty side effect for Sony, piracy is now possible.

But this didn't happen for years. They bought themselves years and years by being even marginally open. If they'd given more access to the hardware, there'd likely be even less incentive to hack it. It's not likely that they'd have kept it closed forever, but it's pretty clear that the only reason the PS3 remained uncracked for so long while other platforms were routinely pwned was OtherOS.

Everybody whining about the homebrew.. get a fucking PC and have at it

Why should I have to? I mean, I have a PC. You're talking about getting another one, trying to make it small, quiet, and cool, while adding enough power to play games, then getting a controller and trying to find PC games that play well from the couch with a controller, then setting up something like MythTV and buying a remote...

Never mind the people who already bought a PS3 for that purpose, back when it was actually reasonable to do. Or the people building clusters [umassd.edu] out of them. They should just, what, suck it up and throw all that shit away, and then go buy whatever h

Oddly enough (well, not really odd) my comment seems to be the only one that doesn't scream "RAR! RAR! RAR! GOOO hackers! BURN SONY TO THE GROUND! YEAH! WOO!".. if only it were, it'd get a +5 in no time.

Perfectly right! Curiously, for a tech-minded website populated by supposedly rational people interested in tech, an amazing number of moderators and posters seem to be outright Sony-haters here.

Perhaps one that overheated, and ate cd drives, then sony refused to fix the laptop even though it was under warranty.

That's right Sony, I remember you screwing me with that laptop. Ive avoided most of your crap for the past 7 years... Don't worry after continuing stunts like this, I will probably never purchase anything that has the bad luck to bear the sony badge

Perhaps one that overheated, and ate cd drives, then sony refused to fix the laptop even though it was under warranty.

That's right Sony, I remember you screwing me with that laptop. Ive avoided most of your crap for the past 7 years... Don't worry after continuing stunts like this, I will probably never purchase anything that has the bad luck to bear the sony badge

To prove that there was evidence deleted, you have to prove it existed in the first place.

Absence of evidence can be evidence of absence in certain situations.

To greatly simplify things: There is a room with a fire in the center and nothing else. A judge tells me not to burn any paper I may have in my pockets. I go into the room, and I come out and they search me and the room and find no paper. I say that I never had the paper.

Then the present evidence of me putting paper into my pockets earlier, and

Hi MR AC! The problem is the MFT [pcguide.com] bites you in the ass every single time without fail. I have a friend that works in the state crime lab and it is ALWAYS the MFT that gets you. It is almost impossible to remove file traces from the MFT (I know of a few cleaners that will, but the vast majority won't touch it for fear of making the machine unbootable) and they can tell what you had on the drive simply by doing a search of the pointers in the MFT.

Now since I doubt he is using an OS where it is trivial to clear files from the file system like FAT (they also have tools to hunt for files in EXT 2/3 and ReiserFS) and in all likelihood he is running XP or later, well then the odds he could pull off erasing the MFT without making it obvious the MFT was tampered with (remember willful destruction is a felony IIRC) are pretty much zip. It is always the MFT that gets them, especially since so few understand how the MFT works.

Just use a flash drive and then a USB port wired with 48V instead of 5V to burn it out. Hand it over and they can't make it work all you can claim is that it's on the drive and if they can't make it work maybe they had an ESD accident.

That's a good way to automatically lose your case and get the steepest possible punishment. Judges hate, hate people who destroy relevant evidence, and even if you securely erase the data itself, forensics teams can often tell that you erased something in the first place (and if he did that, Hotz would have to explain why he didn't have any data relating to this project he spend so much time on). I'm sure it's possible to erase things in such a fashion as to avoid leaving evidence that I ever performed an erasure, but I sure wouldn't want to chance it in his situation, especially when it doesn't look like Sony has an especially strong case.

Has anyone thought he may not have to delete anything? They need to prove he was attempting to circumvent copyright protection devices. My understanding of the situation is that he was trying to restore the ability to boot to linux on the PS3, a feature that was included on the device when he purchased it. If that's all he really did then there isn't really anything to find on his computers other than contacts and login credentials for various accounts that Sony was certainly interested in.

Yeah, everyone seems to be missing the fact the DMCA violations require the intent to violate copyright, not just the ability to do so. If he was hacking with any intent other than stealing games it's perfectly legitimate, even under the DMCA.

Uhh, as far as the 3.55 stuff, geohot merely released a FW update that enabled the "install PKG from USB" feature in XMB and some signing tools. Both of those have very valid uses other than piracy, and neither enable piracy in and of themselves. That's like saying that releasing a hex editor or decompiler is illegal because you could use it to crack PC games.

Actually, geohot went so far as to warn people *not* to try making the changes that are necessary for backup managers to function because he had seen that 3.55 FW had some memory protection tricks in place that could brick your PS3 if you tried to patch the LV2 syscalls needed for backup managers (and thus easy piracy) all willy-nilly. I believe exactly what he said was something like "OMG OMG OMG OMG DO NOT PATCH LV2 OR YOU WILL BRICK YOUR CONSOLE" (I know I'm quoting the OMGs, at least -- the wording of the rest might be a little off).

So, FW patch that let's you install signed software from USB + signing tool to me does not = piracy, but rather any capability to run homebrew. Given the fact that he's never enabled any of the stuff necessary to make piracy simple, and outright states tat he's against piracy at every turn, I'm not sure how you get to your conclusion.

kmeaw, hermes, and KaKoRoTo however are the ones you should be looking at.

I don't think he cares if he pisses people off. He isn't their personal cracking machine. If he satisifes his curiousity/has fun then more power to him. I bet people would even get angry with him for cracking things and not telling them about it. Mind you most of those people are medicated.

Err, doesn't it also serve the obvious purpose of allowing the execution of homebrew without the need for a dongle attached at all times, as well as being necessary for CFWs, or am I thinking the wrong key?

On computers, things get deleted all the time. Proving that you erased something doesn't really say what that something is you erased. You don't need to explain why you didn't use your computer to store information - you could just say you kept it in your mind or whatever.

I doubt he would have, especially if he has had legal advice. That is a sure way to lose the case, and get the book thrown at him, even if it is just a civil case.

On the other hand, as a security researcher, he would most likely have had everything encrypted (if he is smart). There is nothing I can see in the injunction that says he must turn over encryption keys (ie. the knowledge in his head - not a document). I am not a lawyer, but I don't believe he can be compelled to do that for a civil case and i

For example, I own a Sony Mylo 2, payed U$300 for it: a platform that wasn't a lost-sale approach like PSP and PlayStation, but actually had it's profit mark upon first sale. This platform (Mylo 2) runs a closed-source Linux that Sony didn't have permition to use, has ceased from being updated despite having a higher profit margin than other Sony products, has a 600MHz CPU+64MB Ram with just under 1GB of solid-state that perseveres for all applications, and despite running Linux it has been useless to this day while others have bought Sony's true lost-cause known as PSP. Sony lost money on PSP because the jailbreaking allowed use of any ROM or Homebrew, and no money was made on sale of commercial ware from Sony, while actual competitive products like the Mylo 2 get absolutely ignored.

Why does Sony get away with so-much as stealing Linux onto a Mylo 2 that they refuse to open-up, and they prosecute anyone that ports applications to it without their devloper kit, yet with PSP they continually re-patch from anyone jailbreaking it for playing Homebrew and ROM's that none payed for?

Mylo 2 is perhaps a platform with much more potential than any PDA Phone until Open Pandora arrived, yet Sony just continually stifles it's progress.

Violating the GPL is infringement. Many businesses that violate it do so willfully. That's no different than the "piracy" Sony and others seek to "prevent". As for Linux itself, depends on what else they've bundled as to whether it's a violation or not. If there's not source available for everything and a means to somehow produce binaries (no mention of being able to RUN them is brought up in the license...hence V3's changes...) you're in compliance. V3's a different story as you rightly point out- bu

You can see parts of the filesystem through the Netfront webbrowser on the Mylo 2 unit, yet it's just locked-down in such a way using User access restrictions that prevent you from migrating any kind of application onto the filesystem. Remember that there is no console to use it, yet it it is a Linux kernel just like the previous Sony Mylo 1 that came with Opera (embedded Linux version).

Nobody tried at all to 'jailbreak' any of the Mylos because they were just expensive little dream computers that were twi

Piracy of games literally is not stealing, it's the fencing of goods (for free) in a way that the license for the product forbids ("You shall not make unauthorized copies of this software."). If the license for the game didn't explicitly forbid copying, you'd be within your rights to do so, up to the point where you fall afoul of some other law, such as copyright. Violating any other license's explicit terms, including those of the GPL, is actually 100% equivalent.

You bet. The "copyright" controls inside these devices are not really for copyright protection purposes. You can always make a bit-for-bit-perfect copy of optical media if you have the right hardware, and the real pirates have the right hardware. Therefore, by definition, any DRM scheme not involving handing out a one-time-use account key to the first owner of a game is, by definition, completely ineffectual as a copyright protection scheme.

No, the principal purpose of those keys is to prevent third parties from developing for their platform without paying them royalties. To that end, if game developers believed Sony had no way of re-securing their platform, and if this belief led them to release titles without paying Sony, then Sony would stand to lose a lot of money.

Heh... They should be careful- that function which is the real purpose of their "protections" is not something that gives them standing in this case. If it's shown that this is a goodly portion of what is going on, the case probably ought to implode quickly on them.

At least for DVDs, there is no part of a disk that a burner can't write to. You just have to have a burner designed for authoring and somewhat more expensive authoring media that doesn't pre-burn the CSS area. When it comes to DVDs, they're about three or four grand apiece, last I checked, but they are readily available.

Alternatively, I suspect you can find hacked firmware for DVD+R burners to do it since that part of the media is actually burnable on DVD+R. If it doesn't exist by now, I'd be surprised.

And you can actually buy DVD-R media without the lead-in pre-burned, or at least somebody can. The DVD Forum approved that about four years ago for use in special kiosks that burn movies on demand. Again, you'd need custom firmware and the modified (non-pre-burned) DVD-R media, but if you're a company in China manufacturing fake DVDs, I doubt that you'd have hard time finding somebody to supply such things.

This is, of course, assuming that you felt the need to use burners at all. In reality, you don't need to be able to burn a copy of the disc if you're doing mass piracy. All you need is a replication house that doesn't look too closely (for a fee). The stampers start with a bit-for-bit image of the data to be burned. AFAIK, in principle, there's no reason this couldn't come from a commercial DVD.

For Blu-Ray discs, I have no idea. I haven't had any reason to author one yet.

It is quite telling that they need to go to these lengths to stop unlicensed development. There is no legal basis for it, in fact in the EU reverse engineering for interoperability is specifically exempt. Nintendo tried using copyright back in the SNES days and failed in court.

I hope someone figures out how to use this to develop for unmodified PS3s. Might get some less formulaic games.

Oh, they don't have to stop it forever. They just have to delay it long enough to fully recoup their R&D costs. After that, when somebody cracks their DRM, they'll just release the PS4, and then nobody will want the PS3, so nobody will want to develop software for it. Problem solved.

The court wouldn't allow it. If the court has to, they will search for an independent third party that has absolutely nothing to do with the case if neither SCEA or Hotz can provide a sufficiently neutral third party to examine the systems.

Judges don't like appeals overturning decisions. Allowing that would cause a solidly appealable decision that could vacate, maybe remand the case, on them. They're going to typically try their damnedest, if the defense counsel pitches a fit over a Sony division or affiliate, to make SURE that there's a truly neutral party in place for this.

If someone sells you something, and takes it back, that doesn't entitle you to break into their house *and* give a copy of the key to everyone on the street.

Of course, he could have gotten away with breaking into their house if he'd just kept his mouth shut. Or gone anonymous. The problem is that he had to stand on his soapbox and declare to the world how cool he was that he'd broken in, and give them the tools to do so as well. He didn't do any damage himself, but he directly enabled tons of not-so-ethical

The analogy doesn't matter. His motivation doesn't matter either. (I'm actually *for* hacking your own hardware.) The guy could have avoided all this trouble if he'd either kept it to himself or his close circle of friends, or went the anonymous route.

Instead, he chose to show off and tell the whole world "LOOK WHAT I DID!"

He knew exactly who he was messing with, but decided to go full retard anyway.

So what? A lot of smart guys (and gals) smoke, have risky sex, drive recklessly and perform a thousand other stupid activities because they're convinced that, whatever happens to other people who do such things, it won't happen to them.

Most of us think we're untouchable. Until we get that lab result, hit that tree... or receive that subpoena.

Personally, I wish all civil and almost all criminal cases operated on this principle.

Any subpoenaed evidence or any evidence caught in a police raid that wasn't obviously relevant should be turned over to a neutral 3rd party for sifting, with only evidence relevant to the case turned over to the police or plaintiff.

I would make two exceptions:1) Evidence of a future crime, but only for the purposes of stopping that crime. For prosecution purposes, the evidence would be treated as "tainted" and could not be used to prosecute unless it was admissible under some other rule like "inevitable discovery."2) Evidence of a past un-related crime or non-criminal civil offense where an identifiable victim needs victim-services or restitution, but with a similar stipulation as #1. The victim would be allowed to pursue civil actions and restraining orders using this evidence. One a lawsuit happens, a lot of information enters the public record and for particularly offensive acts, the information gets into newspapers. The criminal may be spared prison and an additional criminal record but he'll still have his reputation impacted.

Yes, this will lead to injustices but my interpretation of "unreasonable search and seizure" means if the police think you are guilty of crime A, and but for the search related to crime A they would never have found out about crime B, then the criminal courts should be treated the same for crime B as if the search related to crime A never happened. BUT it's even more unjust to deny a victim the necessary services once you, the police or a neutral third party, know they are a victim.

IT IS FURTHER ORDERED that Defendant Hotz is required to deliver his computers, hard drives, CD-roms, DVDs, USB sticks, and any other storage devices on which any Circumvention Devices are stored

Wait a minute here... surely there's a question of whether or not there ARE any "Circumvention Devices", that being a term defined by 17 USC 1201. By requiring Hotz to turn over "Circumvention Devices" the judge is requiring him to eithera) Concede the point here and now ORb) Risk contempt of court charges for not turning them over.

IT IS FURTHER ORDERED that the $10,000.00 posted by SCEA on January 27, 2011 as security for the Court's issuance of the Temporary Restraining Order shall suffice 3 for this Preliminary Injunction.

I didn't realize purchasing a preliminary injunction was so cheap.

I see the "Honorable" Susan Illston is still giving us a demonstration of what "due process" looks like nowadays; first issue a broad ex parte injunction, THEN hold a hearing, then ratify the original injunction with only minor changes, requiring the defendant to cede the case to comply. No opinion was published, so apparently we're not going to get to see her "reasoning" in this case.

This builds a pretty strong case to have a EC2 accountand just keep a "small" linux vm running. Have it cron'dto kill itself every 12-24 hrs. Kinda like, this tape willself-destruct.

Then use that vm to access ur ENCRYPTED info onanother cloud.

Even if they did compel u to turn over the account, allthey would have is a dead process. And even if thatprocess was resurrected, it would just have net access.And only a sloppy idiot would leave a trace of ur cloudstorage access.

I would love to see him countersue for slander, and ask for all of sony's legal department computers so that he could search through their emails. When the judge says no, he'll have a great case for appeal.